- if no Release.gpg file is found, still load the hashes for
verification (closes: #636314) and add test
if (SigFile == "")
{
// There was no signature file, so we are finished. Download
- // the indexes without verification.
- QueueIndexes(false);
+ // the indexes and do hashsum verification
+ MetaIndexParser->Load(DestFile);
+ QueueIndexes(true);
}
else
{
(LP: #812862)
* test/integration/test-hashsum-verification:
- add regression test for hashsum verification
+ * apt-pkg/acquire-item.cc:
+ - if no Release.gpg file is found, still load the hashes for
+ verification (closes: #636314) and add test
-- Michael Vogt <mvo@debian.org> Tue, 12 Jul 2011 11:54:47 +0200
msgtest 'No Packages file in /var/lib/apt/lists'
[ "$(ls rootdir/var/lib/apt/lists/*Package* 2>/dev/null)" = "" ] && msgpass || msgfail
+ # now with the unsigned Release file
+ rm -rf rootdir/var/lib/apt/lists
+ rm aptarchive/InRelease aptarchive/Release.gpg
+ msgtest 'unsigned apt-get update gets the expected hashsum mismatch'
+ aptget update 2>&1 | grep "Hash Sum mismatch" > /dev/null && msgpass || msgfail
+
+
}
runtest
projects / apt.git / commitdiff
